Problem with NUT & CyberPower UPS
I picked up a CyberPower CP1500PFLCD UPS for my pfsense box and associated network gear. I am sharing my experience here to see if others have had similar problems or if my setup is uniquely messed up for some unknown reason. My system is a home-built box based on the intel D2500CCE Atom board running PFSense 2.3.2-RELEASE-p1 (amd64).
Upon trying to set it up with NUT, I ran into an issue where the UPS would not be detected despite the NUT documentation indicating that support for this model is available via the USB-HID driver.
I manually tried loading the driver to investigate.
[2.3.2-RELEASE][admin@]/usr/local/libexec/nut: ./usbhid-ups -DDDDDD -a CP1500PFLCD
Network UPS Tools - Generic HID driver 0.41 (2.7.4)
USB communication driver 0.33
0.000000 send_to_all: SETINFO driver.parameter.port "auto"
0.000157 debug level is '6'
0.002128 No appropriate HID device found
0.002158 No matching HID UPS found
There was no indication from the driver that this is a permissions problem but on a whim I decided to try loading the driver with the -u root option and it worked. Thus, it appears that whatever user NUT drops to when loading the driver does not have permission to attach to the /dev/ugen#.# devices. The NUT FAQ (http://networkupstools.org/docs/FAQ.html#_my_ups_driver_program_won_8217_t_work_i_8217_m_starting_it_as_root_and_root_owns_the_device_so_what_8217_s_the_problem) suggests that a permissions mismatch should complain with a message more indicative of the cause but that wasn't the case for me.
As a dirty workaround, I edited the /usr/local/pkg/nut/nut.inc file to add the following code at line 159
$upsfile .= "user=root\n";
just prior to the existing line that contains $upsfile .= "[" . $nut_config['name'] . "]\n";
With this change, NUT works perfectly now but I wondered if anyone might know why I encountered these difficulties on my setup. Is it intended that the driver loads as the root user and if so, is this a security concern?
After a little more digging, I think I have discovered why I had the issues detailed in the first post.
Foolishly, I did not even try rebooting my pfsense box upon installing NUT and connecting the UPS. After reading this post (https://forums.freebsd.org/threads/35205/) on the FREEBSD forums, it looks like the NUT package installs some new devd rules in /usr/local/etc/devd that don't load initially unless you reboot or issue the command
service devd restart
If just reloading the devd service rather than rebooting, you need to reconnect the UPS to allow the rule to take affect upon detection of the usb device.
These rules assign ownership of the usb connected UPS device to the uucp group so that the NUT usbhid driver has permission to access without being root.